Garreth Cameron, ICO, Data Protection in the Digital Age
Garreth Cameron, Group Manager Business and Industry at Information Commissioner’s Office has written an article for techUK's Data Driven Economy Week looking at Data Protection in the Digital Age.
Data protection in the digital age
Businesses benefit from the wealth of data generated in our digital society. Whether data helps develop new products and services, improve or personalise existing ones, or increase revenue through better targeted marketing, the system relies upon consumers being comfortable with sharing their information.
At the Information Commissioner’s Office (ICO), the UK’s independent data protection authority, we want to achieve a society in which all organisations which collect and use personal information do so responsibly, securely and fairly. It’s part of our job as the information rights regulator to shine a light on those areas where the collection of data may not be obvious. Judging by media coverage from our recent blogs on what mobile apps are actually doing and wifi location tracking, there is a growing awareness of how data is collected and analysed by organisations ‘behind the scenes’.
So what do the public think about how organisations use their data, and why’s it important? Every year the ICO conducts research through our annual track. In our most recent survey we found that 85% of those questioned were concerned about how their personal information is sold or passed to other organisations, and 77% were concerned that organisations are not keeping their data secure. Last summer the Competition and Markets Authority in its report on the commercial use of consumer data, concluded that “consumer trust already appears to be fragile, and if attitudes shift as a result of a rapid evolution in data collection and sharing, this could lead to behavioural changes that hinder consumers’ willingness to engage with new developments and act as a potential barrier to investment and innovation”. In short, data protection safeguards matter.
Trust was once described to me as being like a bank account. You need to make regular deposits to build your balance. In data protection terms those deposits could take the form of communicating privacy information clearly (see our recent privacy notices code consultation), using data fairly and lawfully and making it easy for customers to access their data. Conversely, you should avoid making withdrawals as these erode your hard-earned gains. Failing to keep data secure, collecting information you do not need, denying consumers appropriate control over their data, and relying upon hidden terms and conditions - which are subsequently brought to the surface by the media - are all sure fire ways to see businesses losing consumer trust. TalkTalk’s announcement that they had lost 100,000 customers and had to set aside £60m following a reported hacking incident should be a warning to all.
Having the right legal and regulatory environment which gives consumers confidence that they can live and transact safely online, and which gives businesses confidence about what they need to do to comply, is key to ensuring a successful digital economy,. The ICO has a key role to play in this.
There is lots of change on the horizon, and in just over two years’ time data protection laws will undergo reform when the General Data Protection Regulation (GDPR) is expected to come into force across Europe. Designed to update the law for the digital age, individuals will gain greater control over their data through strengthened rights. No longer will someone have to pay to obtain the data that a business holds about them. In some cases this information will also need to be provided in a commonly used electronic format. Individuals will also have the right to object to their data being used to profile them, and a right not to be subjected to automated decision making in certain circumstances.
Businesses will need to be more transparent and accountable in how they comply with data protection. New requirements to report security breaches should help focus minds on what can be done to prevent data being lost, and the ICO will have strengthened enforcement powers to make the point felt when organisations haven’t looked after customer data appropriately.
We will, of course, continue to work with trade bodies like techUK to understand what business priorities are in terms of implementation, and what advice and guidance organisations need to help get it right. One of the first steps we’ve taken is to launch our microsite www.dpreform.org.uk where we’ll be posting all the latest news and guidance on the reforms. We’ve also produced our first piece of guidance Preparing for the GDPR: 12 steps to take now to help organisations start thinking about what they need to do.
Latest News from
Chipside and ORCHA: WITSA Global ICT Excellence Award Winners 202223/09/2022 16:25:00
techUK members Chipside and ORCHA win at the WITSA Global ICT Excellence Award 2022.
Microsoft backs new Northern Ireland initiative to tackle gender diversity gap in cyber security22/09/2022 10:15:00
A rapidly expanding cross-sector initiative, aimed at improving gender diversity in one of the country’s fastest growing but least diverse tech sectors, has welcomed the global technology leader Microsoft as its latest high-profile industry partner.
Prime Minister to announce new defence spending commitment and refresh of 2021 Integrated Review22/09/2022 09:15:00
UK Prime Minister Liz Truss will announce an update to the 2021 Integrated Review in a speech at the UN General Assembly yesterday.
Building the Smarter State Week 202220/09/2022 11:10:00
This week, 19-23 September, the Central Government Programme is running its Building Smarter State Week in the running its Building the Smarter State Week in the run-up to the eighth edition of our flagship public services conference, Building the Smarter State, which will take place at The Royal Society on Thursday 29 September.
Taking innovation from precarious place to competitive edge | Guest blog from NTT Ltd15/09/2022 11:05:00
Edgy, close to the edge, on the edge of our seat – phrases like this make the edge sound a precarious place to be.
Call for contributions: techUK Innovation in Rail week #RailTechUK15/09/2022 09:05:00
Members are invited contribute to our upcoming Innovation in Rail campaign running from 17-21 October 2022. Over the week, we will spotlight content from our members on our website and across our social media channels.
techUK response to West London Data Centre Power Coverage14/09/2022 12:05:00
techUK response to West London Data Centre Power Coverage
Final details of UK's new telecoms security framework confirmed12/09/2022 12:20:00
The UK Government has listened carefully to the views of techUK members and made changes to its final regulations, forthcoming as part of the Telecoms Security Act. In particular, the implementation timeframes contained in the code of practice have been amended – giving members more time to address the new measures, without compromising security.